Episode 89: The Untapped Bug Bounty Landscape of IoT w/ Matt Brown
Critical Thinking - Bug Bounty Podcast19 Sep 2024

Episode 89: The Untapped Bug Bounty Landscape of IoT w/ Matt Brown

Episode 89: In this episode of Critical Thinking - Bug Bounty Podcast We’re joined live by Matt Brown to talk about his journey with hacking in the IoT. We cover the specializations and challenges in hardware hacking, and Matt’s personal Methodology. Then we switch over to touch on BGA Reballing, Certificate Pinning and Validation, and some of his own bug stories.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Find the Hackernotes: https://blog.criticalthinkingpodcast.io/

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor: Project Discovery - tldfinder: https://www.criticalthinkingpodcast.io/tldfinder

Today’s Guess Matt Brown: https://x.com/nmatt0

Resources:

Decrypting SSL to Chinese Cloud Servers

https://www.youtube.com/watch?v=3qSxxNvuEtg

mitmrouter

https://github.com/nmatt0/mitmrouter

certmitm Automatic Exploitation of TLS Certificate Validation Vulns

https://www.youtube.com/watch?v=w_l2q_Gyqfo

and

https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Aapo%20Oksman%20-%20certmitm%20automatic%20exploitation%20of%20TLS%20certificate%20validation%20vulnerabilities.pdf

https://github.com/aapooksman/certmitm

HackerOne Detailed Platform Standards

https://docs.hackerone.com/en/articles/8369826-detailed-platform-standards

Timestamps:

(00:00:00) Introduction

(00:13:33) Specialization and Challenges of IOT Hacking

(00:33:03) Decrypting SSL to Chinese Cloud Servers

(00:47:00) General IoT Hacking Methodology

(01:26:00) Certificate Pinning and Certificate Validation

(01:34:35) BGA Reballing

(01:43:26) Bug Stories

Episoder(171)

Episode 171: Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS

Episode 171: Path-Scoped Cookie Hacks with Uppercase & Post-based Raw Protobuf XSS

Episode 171: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us some quick tips from his own hacking, including some clickjacking, using capital letters, and the potential value...

23 Apr 22min

Episode 170: Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways

Episode 170: Claude Code + Tmux, Websockets, and Other Korea LHE Takeaways

Episode 170: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph their trip to Korea with some quick takeaways from the LHE. Follow us on twitter at: https://x.com/ctbbpodcastG...

16 Apr 32min

Episode 169: Attacking OAuth 2.1

Episode 169: Attacking OAuth 2.1

Episode 169: In this episode of Critical Thinking - Bug Bounty Podcast gr3pme goes over some of the changes from OAuth 2.0 vs 2.1 and how Hackers can capitalize.Follow us on twitter at: https://x.com/...

9 Apr 30min

Episode 168: XSSDoctor - Client-side Path Traversal Research

Episode 168: XSSDoctor - Client-side Path Traversal Research

Episode 168: In this episode of Critical Thinking - Bug Bounty Podcast we’re getting a visit from the XSS Doctor. Jonathan joins us to go through his Client-side workflow, run labs, and diagnose some ...

2 Apr 1h 35min

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 167: Stealing Bugs with Valeriy Shevchenko

Episode 167: In this episode of Critical Thinking - Bug Bounty Podcast we welcome Valeriy Shevchenko to talk about program management, anchor programs, and Theft in Bug Bounty.Follow us on twitter at:...

26 Mar 51min

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 166: Rez0’s Top Claude Skill Secrets

Episode 166: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Rez0’s Claude Skill Secrets, when AI Generated reports fall apart, and agents vs filters.Follow us on twitter at: h...

19 Mar 53min

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 165: Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows

Episode 165: In this episode of Critical Thinking - Bug Bounty Podcast Justin recaps his Zero Trust World experience, before we dive into Permissions issues client-side bugs, New Hardware Hacking Clas...

12 Mar 44min

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: Tommy DeVoss: From Black Hat to Bug Bounty LEGEND

Episode 164: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Tommy DeVoss to talk about his origin story, Yahoo bugs, and how Tommy first got Justin into Bug BountyFoll...

5 Mar 1h 11min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
nasjonal-sikkerhetsmyndighet-nsm
shifter
tomprat-med-gunnar-tjomlid
teknologi-og-mennesker
rss-impressions-2
smart-forklart
rss-alt-som-gar-pa-strom
energi-og-klima
elektropodden
fornybaren
pedagogisk-intelligens
rss-polypod
rss-fish-ships
rss-djtommy43
rss-ki-praten
rss-ai-forklart
rss-grenser-for-ki